239 matches found
CVE-2025-56551
An issue in DirectAdmin v1.680 allows unauthorized attackers to manipulate the page layout and replace the legitimate login interface with arbitrary attacker-controlled content via supplying a crafted GET request...
CVE-2025-56551
DirectAdmin Evolution Skin (v1.680) is affected. A crafted GET request can cause the page layout to be modified and replace the legitimate login interface with attacker-controlled content. Root cause is unspecified in the documents beyond content manipulation; exploitation status is not detailed....
EUVD-2025-32312
An issue in DirectAdmin v1.680 allows unauthorized attackers to manipulate the page layout and replace the legitimate login interface with arbitrary attacker-controlled content via supplying a crafted GET request...
PT-2025-40538
Name of the Vulnerable Software and Affected Versions DirectAdmin version 1.680 Description An issue allows unauthorized attackers to manipulate the page layout and replace the legitimate login interface with arbitrary attacker-controlled content. This is achieved by submitting a crafted GET...
CVE-2025-56551
An issue in DirectAdmin v1.680 allows unauthorized attackers to manipulate the page layout and replace the legitimate login interface with arbitrary attacker-controlled content via supplying a crafted GET request...
DirectAdmin Evolution Skin 安全漏洞
DirectAdmin Evolution Skin is an application from DirectAdmin, Inc. A security vulnerability exists in DirectAdmin Evolution Skin version 1.680 that stems from a specially crafted GET request that can manipulate the page layout, potentially causing the login screen to be replaced with...
CVE-2012-3842
Multiple cross-site scripting XSS vulnerabilities in CMDDOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via the 1 select0 or 2 select8 parameters...
CVE-2009-1526
JBMC Software DirectAdmin before 1.334 allows local users to create or overwrite any file via a symlink attack on an arbitrary file in a certain temporary directory, related to a request for this temporary file in the PATHINFO to the CMDDB script during a backup action...
CVE-2024-34014
Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892, Acronis Backup extension for Plesk Linux...
CVE-2024-8767
Sensitive data disclosure and manipulation due to unnecessary privileges assignment. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 619, Acronis Backup extension for Plesk Linux before build 555, Acronis Backup plugin for DirectAdmin Linux before...
The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers targets programming environments such as cPanel & WHM, Plesk, and DirectAdmin, running on Linux operating systems. This vulnerability allows attackers to gain increased privileges.
The vulnerability of the backup and data restoration plugins on Acronis Backup software for computers and servers, as well as for cPanel & WHM, Plesk, and DirectAdmin operating systems on Linux, is related to errors in link processing. Exploiting this vulnerability allows a malicious actor to...
CVE-2024-10385
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS Cross-site Scripting, which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. ...
CVE-2024-10385 Stored XSS in DirectAdmin Evo Skin
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS Cross-site Scripting, which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. ...
CVE-2024-10385 Stored XSS in DirectAdmin Evo Skin
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS Cross-site Scripting, which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. ...
CVE-2024-10385
CVE-2024-10385 affects DirectAdmin Evolution Skin’s ticket management system. It describes a stored XSS vulnerability that allows a low-privileged user to inject and persist malicious JavaScript; if an admin views the ticket, the script may perform privileged actions, including command execution....
DirectAdmin Evolution Skin 安全漏洞
DirectAdmin Evolution Skin is an application from DirectAdmin, Inc. A security vulnerability exists in DirectAdmin Evolution Skin versions prior to 1.668, which stems from the vulnerability of the Ticket management system to a cross-site scripting attack that allows a low-privileged user to injec...
PT-2024-16236 · Directadmin · Directadmin Evolution Skin
Name of the Vulnerable Software and Affected Versions: DirectAdmin Evolution Skin versions prior to 1.668 Description: The ticket management system in DirectAdmin Evolution Skin is vulnerable to Cross-site Scripting XSS, which allows a low-privileged user to inject and store malicious JavaScript...
CVE-2024-34014
Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892, Acronis Backup extension for Plesk Linux...
CVE-2024-34014
Arbitrary file overwrite during recovery due to improper symbolic link handling. The following products are affected: Acronis Backup plugin for cPanel & WHM Linux before build 1.8.3.818, Acronis Backup plugin for cPanel & WHM Linux before build 1.9.1.892, Acronis Backup extension for Plesk Linux...
CVE-2024-34014
CVE-2024-34014 affects Acronis Backup plugin for cPanel & WHM (Linux) prior to builds 1.8.3.818 and 1.9.1.892, Acronis Backup extension for Plesk prior to 1.8.6.599, and Acronis Backup plugin for DirectAdmin prior to 1.2.2.181. The vulnerability is an arbitrary file overwrite during recovery caus...